GUEST RESEARCH: On 29 August 2023, US law enforcement announced a multinational operation that disrupted the Qakbot botnet (also known as Qbot) and as.
GUEST RESEARCH: Venafi investigation of 35 million dark web URLs shows macro-enabled ransomware is widely available at bargain prices. Venafi, the inv.
Egregor's data-leaking site remains offline. (Source: Malwarebytes)
Individuals suspected of being affiliates of the Egregor ransomware-as-a-service operation have reportedly been arrested in Ukraine.
The arrests were announced on Friday by radio station France Inter, which said French police had launched an investigation last fall, spurred by attacks against domestic organizations, and had begun working with police in Ukraine to investigate.
France Inter reports that the arrests of the individuals - who provided hacking, and logistical and financial support for Egregor - are the result of an investigation being run by the anti-cybercrime division of the Central Directorate of the Judicial Police, part of France's national police force, working with police in Ukraine and with the EU's law enforcement agency Europol coordinating.
An example of an Egregor ransomware note used during a previous attack (Source: Digital Shadows)
The FBI issued a warning this week over the growing threat from the operators behind the Egregor ransomware variant and other cybercriminal gangs affiliated with the group.
The alert notes that, since September, the Egregor gang and its affiliates claim to have compromised approximately 150 corporate networks in the U.S. and other countries. In some cases, the extortion demands have reached $4 million, according to a previous report by cybersecurity firm Group-IB.
In addition to acting on its own, Egregor has affiliated cybercriminals that carry out their own attacks and receive a percentage of the ransom if the money is paid by the victim. This makes defending and mitigating against these types of attacks difficult.